[11835] in Hotline Meeting
hacked workstations in w20
daemon@ATHENA.MIT.EDU (yandros@Athena.MIT.EDU)
Thu Nov 19 10:43:39 1992
From: yandros@Athena.MIT.EDU
Date: Thu, 19 Nov 92 10:43:18 -0500
To: hotline@Athena.MIT.EDU, larugsi@Athena.MIT.EDU
Cc: starflt@Athena.MIT.EDU, carla@Athena.MIT.EDU, goguen@Athena.MIT.EDU
Reply-To: yandros@Athena.MIT.EDU
This morning a user asked an OLC question from a public workstation
that he had remotely logged into without anyone logged in on console.
I logged into the workstation and did some searching around, and found
a some very interesting information; let me know if you'd like a copy.
Then someone logged into the console, so I grabbed the history file,
unhacked reactivate (it's the standard access_on/xhost + hack we've
seen so often), booted the non-console user, and logged out. The
non-console user then preceeded to log into ANOTHER public
workstation. I followed, and the user logged out, waited a few
minutes, and logged into YET ANOTHER machine. This machine already
had someone logged in, so I contacted both users (the console and
non-console ones). The console user was most helpful; the non-console
user disabled remote access and sent me a long reply; again, let me
know if you wish a copy. I then informed the console user that they
should destroy their tickets until the other user could log out. A
long conversation ensued, in which the user explained to me their
justifications, and showed apparent lack of knowledge of the Athena
Rules of Use. At the end of the conversation, before I could point
out the location of the rules of use, the user logged out voluntarily.
I contacted Derrick Kong during the conversation, but he was unable to
come until right after the conversation had ended. He reviewed the
log of the conversation; anyone else who would like a copy should
contact me.
Thank You.
-C
